My Form was flagged for Phishing, now what?

Jessica

February 26, 2019 15:04

Updated

What is Phishing?

Phishing is the electronic attempt to gain sensitive data such as usernames, passwords, credit cards, etc. for malicious reasons. Our system works behind the scenes to detect forms that are collecting data of this nature without the proper security features in place.

Next Steps

If your form was flagged, you should have received a notice stating the cause for the flag and the corrective action needed on the form. Since every form collects different data and there are different reasons a form can get flagged for phishing, we send the most appropriate notice we can. However, if you're unclear or need further assistance taking the corrective action, please follow this guide below or reach out to our Support team for assistance.

The primary reasons a form will be flagged are:

Insufficient Form Security: Data Encryption and/or SSL must be enabled.

The Form is Collecting Passwords: We do not allow the collection of passwords under any circumstance.

Some Part of the Form is in Violation of Our Terms & Conditions: This can include scenarios like having the correct form security in place to collect sensitive data, but perhaps you're sending that sensitive data over unsecured notification emails.

The article linked below walks through the most common corrective action needed when collecting sensitive data on your form.

1) If you're collecting and storing any sensitive data on your form, you want to enable Data Encryption for said form.

2) You want to make sure you're not sending the collected sensitive data over Notification or Confirmation emails set up on your form. If you are, the article linked above covers your options for correcting this.

3) Treat file uploads that contain sensitive data in the same fashion.

Where's My Form?

Forms flagged for phishing will be moved to the Archived folder in your Account. You may reactivate these forms by making the required changes to the form and/or enabling the proper security. To reactivate a form, go to the Forms Menu > Archived Forms > place a checkmark next to the Form(s) in question and choose to Restore these on the Account.

Note: Forms reactivated without the proper changes or enabling the proper security will be re-flagged and added back to the automated security filter. Please ensure the proper changes are made to the Form prior to Restoring the Forms. Also, our automated system can occasionally flag a form that does not have a violation. If you believe this is the case, please reach out to our Support team and we will perform a check of your form.